--==+ Web Slider <= 0.6 Insecure Cookie/Authentication Handling +==--
Discovered By: t0pP8uZz
Discovered On: 15 MAY 2008
Script Download: http://sourceforge.net/projects/webslider/
Vendor Has Not Been Notified!
Web Slider 1.6 (and prior), suffers from insecure cookie handling, when a admin logs in successfully a
cookie is created so admin doesnt have to login everypage, the bad thing is the coding is poor and the script
only checks to see if the cookie exists, it doesnt contain any password or anything.
"/admin.php" and access it as if you were a admin.
this should come to your attention how many web-developers are very bad coders. and leave massive
easy-to-fix holes like this in there scripts.
just remember when downloading a file of any kind to read through its source, and make sure its secure